This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
1) Impossible - there are history.go() hacks, but they are not really disabling it
2) Impossible - there are history.go() hacks, but they are not really disabling it
3) Impossible - URLS can be changed, user can easily write it down and type it in manually
4) You can find hashing stuff out there on the net, BUT you got to realize that the code is is plain site to the user and anyone with a little knowledge of JS can get it.
5) You really can not do that. Look into using Posts with expires meta tags.
It is virtually impossible to make a page secure like you want to do. You need to build security on your serverside and make it smart to handle different situations.